Lucene search
K

90 matches found

The Hacker News
The Hacker News
added 2025/10/23 7:52 a.m.7 views

'Jingle Thief' Hackers Exploit Cloud Infrastructure to Steal Millions in Gift Cards

Cybersecurity researchers have shed light on a cybercriminal group called Jingle Thief that has been observed targeting cloud environments associated with organizations in the retail and consumer services sectors for gift card fraud. "Jingle Thief attackers use phishing and smishing to steal...

6.6AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2025/10/22 4:0 p.m.8 views

The CISO imperative: Building resilience in an era of accelerated cyberthreats

The latest Microsoft Digital Defense Report 2025 paints a vivid picture of a cyberthreat landscape in flux. The surge in financially motivated cyberattacks and the persistent risk of nation-state actors demand urgent attention. But for those of us in the Office of the Chief Information Security...

7.4AI score
Exploits0
Securelist
Securelist
added 2025/09/10 2:0 p.m.7 views

Notes of cyber inspector: three clusters of threat in cyberspace

Hacktivism and geopolitically motivated APT groups have become a significant threat to many regions of the world in recent years, damaging infrastructure and important functions of government, business, and society. In late 2022 we predicted that the involvement of hacktivist groups in all major...

6.6AI score
Exploits0
Securelist
Securelist
added 2024/11/14 9:0 a.m.32 views

Сrimeware and financial cyberthreats in 2025

Kaspersky's Global Research and Analysis Team constantly monitors known and emerging cyberthreats directed at the financial industry, with banks and fintech companies being the most targeted. We also closely follow threats that aim to infiltrate a wider range of industries, namely ransomware...

7.5AI score
Exploits0
Wired Threat Level
Wired Threat Level
added 2024/10/28 1:0 p.m.8 views

Cybercriminals Pose a Greater Threat of Disruptive US Election Hacks Than Russia or China

A report distributed by the US Department of Homeland Security warned that financially motivated cybercriminals are more likely to attack US election infrastructure than state-backed hackers...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/20 7:23 a.m.19 views

North Korean IT Workers in Western Firms Now Demanding Ransom for Stolen Data

North Korean information technology IT workers who obtain employment under false identities in Western companies are not only stealing intellectual property, but are also stepping up by demanding ransoms in order to not leak it, marking a new twist to their financially motivated attacks. "In some...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/09 1:33 p.m.24 views

N. Korean Hackers Use Fake Interviews to Infect Developers with Cross-Platform Malware

Threat actors with ties to North Korea have been observed targeting job seekers in the tech industry to deliver updated versions of known malware families tracked as BeaverTail and InvisibleFerret. The activity cluster, tracked as CL-STA-0240, is part of a campaign dubbed Contagious Interview tha...

7.2AI score
Exploits0
Talos Blog
Talos Blog
added 2024/10/03 10:0 a.m.19 views

Threat actor believed to be spreading new MedusaLocker variant since 2022

Cisco Talos has discovered a financially motivated threat actor, active since 2022, recently observed delivering a MedusaLocker ransomware variant. Intelligence collected by Talos on tools regularly employed by the threat actor allows us to see an estimate of the amount and countries of origin of...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/28 10:21 a.m.41 views

BlackByte Ransomware Exploits VMware ESXi Flaw in Latest Attack Wave

The threat actors behind the BlackByte ransomware group have been observed likely exploiting a recently patched security flaw impacting VMware ESXi hypervisors, while also leveraging various vulnerable drivers to disarm security protections. "The BlackByte ransomware group continues to leverage...

7.2CVSS7.6AI score0.2677EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/08/25 5:37 a.m.13 views

New Linux Malware 'sedexp' Hides Credit Card Skimmers Using Udev Rules

Cybersecurity researchers have uncovered a new stealthy piece of Linux malware that leverages an unconventional technique to achieve persistence on infected systems and hide credit card skimmer code. The malware, attributed to a financially motivated threat actor, has been codenamed sedexp by Aon...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/07/31 10:1 a.m.21 views

Cybercriminals Deploy 100K+ Malware Android Apps to Steal OTP Codes

A new malicious campaign has been observed making use of malicious Android apps to steal users' SMS messages since at least February 2022 as part of a large-scale campaign. The malicious apps, spanning over 107,000 unique samples, are designed to intercept one-time passwords OTPs used for online...

7.8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/06/10 11:0 a.m.34 views

Google Takes Down Influence Campaigns Tied to China, Indonesia, and Russia

Google has revealed that it took down 1,320 YouTube channels and 1,177 Blogger blogs as part of a coordinated influence operation connected to the People's Republic of China PRC. "The coordinated inauthentic network uploaded content in Chinese and English about China and U.S. foreign affairs,"...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/05/16 3:16 a.m.12 views

Cybercriminals Exploiting Microsoft's Quick Assist Feature in Ransomware Attacks

The Microsoft Threat Intelligence team said it has observed a threat actor it tracks under the name Storm-1811 abusing the client management tool Quick Assist to target users in social engineering attacks. "Storm-1811 is a financially motivated cybercriminal group known to deploy Black Basta...

7.4AI score
Exploits0
Talos Blog
Talos Blog
added 2024/04/25 12:0 p.m.73 views

Talos IR trends: BEC attacks surge, while weaknesses in MFA persist

Business email compromise BEC was the top threat observed by Cisco Talos Incident Response Talos IR in the first quarter of 2024, accounting for nearly half of engagements, which is more than double what was observed in the previous quarter. The most observed means of gaining initial access was t...

7.5CVSS8.3AI score0.7761EPSS
Exploits8
The Hacker News
The Hacker News
added 2024/04/18 1:58 p.m.27 views

FIN7 Cybercrime Group Targeting U.S. Auto Industry with Carbanak Backdoor

The infamous cybercrime syndicate known as FIN7 has been linked to a spear-phishing campaign targeting the U.S. automotive industry to deliver a known backdoor called Carbanak aka Anunak. "FIN7 identified employees at the company who worked in the IT department and had higher levels of...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/04/17 10:57 a.m.69 views

Critical Atlassian Flaw Exploited to Deploy Linux Variant of Cerber Ransomware

Threat actors are exploiting unpatched Atlassian servers to deploy a Linux variant of Cerber aka C3RB3R ransomware. The attacks leverage CVE-2023-22518 CVSS score: 9.1, a critical security vulnerability impacting the Atlassian Confluence Data Center and Server that allows an unauthenticated...

10CVSS9.6AI score0.99999EPSS
Exploits14
Rapid7 Blog
Rapid7 Blog
added 2024/03/28 6:35 p.m.33 views

Stories from the SOC Part 1: IDAT Loader to BruteRatel

Rapid7’s Managed Detection and Response MDR team continuously monitors our customers' environments, identifying emerging threats and developing new detections. In August 2023, Rapid7 identified a new malware loader named the IDAT Loader. Malware loaders are a type of malicious software designed t...

8.1AI score
Exploits0
hivepro
hivepro
added 2024/02/12 12:0 p.m.22 views

Albabat Ransomware Infiltrates via Counter-Strike Cheat Utility

Summary: Albabat ransomware, made its debut in November 2023, emerging as a financially motivated threat crafted in Rust. This ransomware has targeted both corporate entities and individual consumers across diverse geographical regions. Threat Level - Red | Attack Report For a detailed threat...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/01/09 1:45 p.m.52 views

Turkish Hackers Exploiting Poorly Secured MS SQL Servers Across the Globe

Poorly secured Microsoft SQL MS SQL servers are being targeted in the U.S., European Union, and Latin American LATAM regions as part of an ongoing financially motivated campaign to gain initial access. "The analyzed threat campaign appears to end in one of two ways, either the selling of 'access'...

8.2AI score
Exploits0
The Hacker News
The Hacker News
added 2023/12/29 5:16 a.m.57 views

Microsoft Disables MSIX App Installer Protocol Widely Used in Malware Attacks

Microsoft on Thursday said it's once again disabling the ms-appinstaller protocol handler by default following its abuse by multiple threat actors to distribute malware. "The observed threat actor activity abuses the current implementation of the ms-appinstaller protocol handler as an access vect...

7.1CVSS7AI score0.10295EPSS
Exploits1
Rows per page
Query Builder